MS RPC (an Extension?) (fwd)

Luke Kenneth Casson Leighton lkcl at switchboard.net
Thu Aug 20 18:33:16 GMT 1998 


<a href="mailto:lkcl at samba.anu.edu.au" > Luke Kenneth Casson Leighton  </a>
<a href="http://mailhost.cb1.com/~lkcl"> Samba and Network Development </a>
<a href="http://www.samba.co.uk"       > Samba and Network Consultancy </a>

---------- Forwarded message ----------
Date: Thu, 20 Aug 1998 14:01:55 -0400
From: Seiichi Tatsukawa <stat at ATRIA.COM>
Reply-To: Common Internet File System <CIFS at DISCUSS.MICROSOFT.COM>
To: CIFS at DISCUSS.MICROSOFT.COM
Subject: Re: MS RPC (an  Extension?)

|hey, is this the one that does:
|
|- NTLMSSP requested in the SMBtrans-request rpc bind-req
|
|- 8-byte challenge in the "authentication verifier" of the
|SMBtrans-response rpc bind-ack
|
|two ntlm 24-byte challenge-responses in a "authentication verifier" of a
|SMBwriteX rpc bind-req


Well, I only speak about DCE/RPC, not how Microsoft's authentication service
uses it. Here is how 3-way auth works. (Note: I worked on OSF DCE/RPC
implementation which doesn't use 3-way auth. So, I may missed something. Read
the specs. if you are really interested.)

Client sends BIND PDU
 w/ auth trailer specifying
    authentication service, level and opaque data (auth specific)

Server runtime asks the auth service to verify it.
 If the auth service says it requires 3-way auth,
 the server goes to the auth3 wait state (waiting for AUTH3 PDU).

Server sends BIND_ACK PDU
 w/ auth trailer specifying
    authentication service, level and opaque data (auth specific)

Client sends AUTH3 PDU
 w/ auth trailer specifying
    authentication service, level and opaque data (auth specific)

Server runtime asks the auth service to verify it.


I'm sure that you can guess how NTLM is used with this stuff. :-)

|all subsequent dce/rpc calls have either encrypted "stub data" or an
|"authentication verifier" attached?


It depends on the auth level specified in the auth trailer.

dce_c_authn_level_none = 1
  No authentication performed
dce_c_authn_level_connect = 2
  Only on "connect"
dce_c_authn_level_call = 3
  On first fragment of each request
dce_c_authn_level_pkt = 4
  On each fragment
dce_c_authn_level_pkt_integ = 5
  Strong integrity check on each fragment
dce_c_authn_level_pkt_privacy = 6
  Encrypt each fragment

---  Seiichi

                +        Seiichi Tatsukawa         +
                + Rational Software, Lexington, MA +

----------------------------------------------------------------
Users Guide http://www.microsoft.com/workshop/essentials/mail.asp
contains important info including how to unsubscribe.  Save time, search
the archives at http://discuss.microsoft.com/archives/index.html

More information about the samba-technical mailing list